Java利用Cookie或Session实现登录验证

简单的登录验证可以通过Session或者Cookie实现,具体如下:

一、利用Session实现登录验证

1、自定义HandlerInterceptor

public class LoginInterceptor implements HandlerInterceptor {

    @Override
    public void afterCompletion(HttpServletRequest request,
                                HttpServletResponse response, Object obj, Exception err)
            throws Exception {
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response,
                           Object obj, ModelAndView mav) throws Exception {

    }

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
                             Object obj) throws Exception {
        //获取session里的登录状态值
        String str = (String) request.getSession().getAttribute("isLogin");
        //如果登录状态不为空则返回true,返回true则会执行相应controller的方法
        if(str!=null){
            return true;
        }
        //如果登录状态为空则重定向到登录页面,并返回false,不执行原来controller的方法
        response.sendRedirect("/loginPage");
        return false;
    }
}

2、编写Controller,实现登录登出

@Controller
@RequestMapping("")
public class BackendController {

    
    @RequestMapping(value = "/login", method = {RequestMethod.POST})
    public String login(HttpServletRequest request,RedirectAttributes model, String name, String password){
        //验证账号密码,如果符合则改变session里的状态,并重定向到主页
        if ("xxx".equals(name)&&"123456".equals(password)){
            request.getSession().setAttribute("isLogin","yes");
            return "redirect:IndexPage";
        }else {
            //密码错误则重定向回登录页,并返回错误,因为是重定向所要要用到RedirectAttributes
            model.addFlashAttribute("error","密码错误");
            return "redirect:loginPage";
        }
    }
    //登出,移除登录状态并重定向的登录页
    @RequestMapping(value = "/loginOut", method = {RequestMethod.GET})
    public String loginOut(HttpServletRequest request) {
        request.getSession().removeAttribute("isLogin");
        return "redirect:loginPage";
    }
   

}

2、利用Cookie实现登录验证

         如果想登录状态退出浏览器后仍保留一段时间的可以将Session改为Cookie。

 1、自定义HandlerInterceptor

public class LoginInterceptor implements HandlerInterceptor {

    @Override
    public void afterCompletion(HttpServletRequest request,
                                HttpServletResponse response, Object obj, Exception err)
            throws Exception {
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response,
                           Object obj, ModelAndView mav) throws Exception {

    }

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
                             Object obj) throws Exception {
//        获取request的cookie
        Cookie[] cookies = request.getCookies();
        if (null==cookies) {
            System.out.println("没有cookie==============");
        } else {
//            遍历cookie如果找到登录状态则返回true执行原来controller的方法
            for(Cookie cookie : cookies){
                if(cookie.getName().equals("isLogin")){
                    return true;
                }
            }
        }
//        没有找到登录状态则重定向到登录页,返回false,不执行原来controller的方法
        response.sendRedirect("/loginPage");
        return false;
    }
}

2、编写Controller层代码实现登录登出

@Controller
@RequestMapping("")
public class BackendController {

    @RequestMapping(value = "/loginPage", method = {RequestMethod.GET})
    public String loginPage(HttpServletRequest request, String account, String password) {
        return "login";
    }

    @RequestMapping(value = "/login", method = {RequestMethod.POST})
    public String login(HttpServletRequest request, HttpServletResponse response, RedirectAttributes model, String name, String password) {
        if ("xxx".equals(name) && "123456".equals(password)) {
            Cookie cookie = new Cookie("isLogin", "yes");
            cookie.setMaxAge(30 * 60);// 设置为30min
            cookie.setPath("/");
            response.addCookie(cookie);
            return "redirect:IndexPage";
        } else {
            model.addFlashAttribute("error", "密码错误");
            return "redirect:loginPage";
        }
    }

    @RequestMapping(value = "/logOut", method = {RequestMethod.GET})
    public String loginOut(HttpServletRequest request, HttpServletResponse response) {
        Cookie[] cookies = request.getCookies();
        for (Cookie cookie : cookies) {
            if (cookie.getName().equals("isLogin")) {
                cookie.setValue(null);
                cookie.setMaxAge(0);// 立即销毁cookie
                cookie.setPath("/");
                response.addCookie(cookie);
                break;
            }
        }
        return "redirect:loginPage";
    }
}

另外,无论基于Session还是Cookie的登录验证都需要对HandlerInteceptor进行配置,增加对URL的拦截过滤机制。

 
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值